L Number 


Hits 


Search Text 


DB 


Time stamp 


1 


1643 


group near4 membership 


USPAT; 
US-PGPUB; 
EPO; JPO; 
DERWENT ; 
IBM TDB 


2003/04/11 


12:16 


2 


17 


(group near4 membership) near6 certificate 


USPAT; 
US-PGPUB; 
EPO; JPO; 
DERWENT ; 
IBM TDB 


2003/04/11 


12:22 


3 


60 


non -member ship 


USPAT; 
US-PGPUB; 
EPO; JPO; 
DERWENT; 
IBM TDB 


2003/04/11 


12:22 


4 


1 


non-membership same certificates 


USPAT; 
US-PGPUB; 
EPO; JPO; 
DERWENT; 
IBM TDB 


2003/04/11 


12:25 


5 


13 


non-membership same groups 


USPAT; 
US-PGPUB; 
EPO; JPO; 
DERWENT; 
IBM TDB 


2003/04/11 


12:25 



\ 



Search History 4/11/03 12:29:28 PM Page 1 
C : \APPS\EAST\Workspaces\def ault . wsp 



Doc: I7/17| "Full" 1 /40 (Total imngos 40) — ^ 



|Eii5yi:rti»ge>»TS5ismwi~dow»aeiPi 



PPT WORLD INTELLECTUAL PROPERTY ORGANIZATION 

■*■ ^ Trurmtrionii Bums 

INTERNATIONAL APPUCATION PUBUSHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) Inttnulkmtl Patent Ciasatflotticm 7 : 
G06F 1/00 



Al 



(1 1) Interna tkmal Pnbttetdon Number i WO 00/68762 

(43) Interaatkraal Publication Date: 1 6 November 2000 Ctd.1 1X0) 



(21) luttrmtiooal Application Kumben PCi7US00/i2O53 

(22) International FUlng Date) 2 May 2000 (OZQJjQO) 



(30) Priority DaU] 
09/309,045 



10 May 1999 (10-03.99) 



(71) Applicant; SUN MICROSYSTEMS. INC [US/US]: M/S 

PALi-511. 901 Sen Aruocio Read. Pal© Alto. CA 94303 
(US). 

(72) IaTOUcrr ELLEY, Yauir, 375 A Harvard Street, 027A, 

Cambridge, MA 02138 (US). ANDERSON, Anne, 
28 Mfnntamm Road. Acton, MA 01720 (US). KANNA 
Stephen, R4 3 Beverly Road, Bedford, MA O1730 (US). 
MULLAN. Sean. 66 Kaihertne Scad, Wstatown, MA 
02473 (US). PEARLMAN, Radii, 10 Huckkbeny Lane, 
ActOfl. MA 01720 (US). 

(74) Agents: CHOI, Yocifc Si Caari and McKerma, LLP, 30 Rowes 
Wharf, Boston, MA 02110 (US) eteL 



(81) Designated StBtcn AB, AL, AU, BA, BB, BO, BR, CA, CN, 
CR, CU, CZ, DM, ES.OD.Cffi.HR, HU, ID, IL, IN. IS, 
IP, KP, KR, LC, LK. LR. LT, LV, MA, MO, MK, MN, 
MX, NO, NZ, PL, RO, SO, 51. SK, TR, TT. UA. UZ, VN, 
YU. ZA. ARLPO patent (GH, GM. KE. LS. MW, SD. SI, 
SZ, TZ, UG, ZW), Eurasian patent (AM, AZ, BY, KG, KZ, 
MD. RU. TJ. 174). European patent (AT, BB, CH, CY. DE, 
DK, ES. PL FR, OB, OR. E, rT, LU, MC, NL, PT, SE), 
OAP1 patent (BP, BJ, CP, CO, CL CM, OA ON. OW, ML, 
MR, NE, SN. TD. TO). 



PubUibtd 

WJrt international x«wxA rrpari. 



(54) TUk: METHOD AND SYSTEM FOR DYNAMIC ISSUANCE OP GROUP CERTIFICATES 
(57) 



In accordance with lbs bvexricn, on-line 
group servers Issue group tnenibcfjhlp er (roup 
non-membership certificates upon request. Ftmber- 
more, when a requester requests a group certificate 
for a particular entity, the associated group cerver 
makes a dynamic decision regarding tne entity's 
membenhlp In tha group rather (hart limply referring 
to a membenhlp list. These capahilltlti provide for, 
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A method ead system for cvalaiting a s« of credentials that 
inchtdes il least ff"**- £TTWp credential and thai rnay fnrhnte 
one or more additional eredcmiiJa. A trust ruing if provided 
in i*iftrlify v f with the u leas group credential within 
the Kt of cTcdcorkls and trust ruinjp may il*o be provided 
in oilier credentials within the set of credeniiahv. Bach truti 
r »Hng provides an indication of the level of confidence- In the 
infonnirjon being certified in the respective credential. In 
response to 4 request for access to t resource or service, id 
evaluation of the group credential* is per formed try an 
access control program to determine whether access to the 
nqtuctad reaonrce 01 aervfce ihauld b* provided. In one 
embodiment, within any gnrcn certification path a composite 
trust ntinfi for the nspooiw paxh Lb determined. An overall 
trust r uling £br the set of <irc d c TT tfifa is rh rtf Tmirrnl based 
upon the composite tract ratings. Upon a daermhmtfrm Hut 
a user requesting access to a resource has an acceptable set 
of credentials tad s satisfactory tmu rating, access to the 
requested resource or service is granted to the user. 
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